<?php
class Login
{
	static public function DoLogin()
	{
		if ( isset( $_SESSION['user'] ) )
			return true;

		if ( empty($_POST) )
			return false;

		$username = isset($_POST['username']) ? $_POST['username'] : null;
		$password = isset($_POST['password']) ? $_POST['password'] : null;
		$authcode = isset($_POST['AuthCode']) ? $_POST['AuthCode'] : null;

/*
		if ( !$username || !$password || !$authcode )
			return false;
		$config = Config::Instance();
		$adminname = (string) $config->admin->name;
		$adminpass = (string) $config->admin->pass;
		$admincode = $_SESSION['imgRndNum'];

		if ( $username == $adminname
			&& $password == $adminpass
			&& $authcode == $admincode
		)
		{
			$_SESSION['user'] = $username;
			return true;
		}
*/		
		if ( !$username || !$password || !$authcode )
			return false;

		$sql = 'select * from '. TABLE_PREFIX .'user where `name` = \''. $username .'\'';
		$user = DB::getQueryResult( $sql );
		if ( !empty($user['name']) && $password == $user['password'] && $authcode == $_SESSION['imgRndNum']){
			$_SESSION['user'] = $username;
			$_SESSION['user_id'] = $user['id'];
			return true;
		} else {
			return false;
		}

	}

	static public function GetUserId()
	{
		if ( isset($_SESSION['user']) ){
			$user_id = $_SESSION['user_id'];
			return $user_id ;
		} else {
			return 0;
		}
	}
	
	static public function NeedLogin()
	{
		/*
		if ( false == self::DoLogin() )
		{
			Template::Display('login');
			exit;
		}
		return self::GetUserId();
		*/
	}
}
?>
